LDAP issues with NC24 are driving me mad

Nextcloud version (eg, 20.0.5): 24.0.6
Operating system and version (eg, Ubuntu 20.04): Debian 11 Bullseye
Apache or nginx version (eg, Apache 2.4.25): nginx 1.20.2
PHP version (eg, 7.4): 7.4.26

The issue you are facing:
Connection to LDAP server (Samba AD 4.16.5) seems to be a lottery. It works for a couple of seconds but then again fails consistently. The logs are littered with an error that there is a port missing:

Configuration Error (prefix s01): No LDAP Port given!

Is this the first time you’ve seen this error? (Y/N):
Y but then I never used NC in this version with Samba AD before.

Steps to replicate it:

  1. Try to set up LDAP/AD integration, enter user credentials, server, protocol and host
  2. Try to determine or test the base-dn

The output of your Nextcloud log in Admin > Logging:

[user_ldap] Warnung: Configuration Error (prefix s01): No LDAP Port given!

POST /apps/user_ldap/ajax/wizard.php
from 10.10.10.195 by ncadmin at 2022-10-16T22:08:36+00:00

[support] Fehler: OC\ServerNotAvailableException: Lost connection to LDAP server. at <<closure>>

 0. /config/www/nextcloud/apps/user_ldap/lib/LDAP.php line 407
    OCA\User_LDAP\LDAP->processLDAPError()
 1. /config/www/nextcloud/apps/user_ldap/lib/LDAP.php line 308
    OCA\User_LDAP\LDAP->postFunctionCall()
 2. /config/www/nextcloud/apps/user_ldap/lib/LDAP.php line 69
    OCA\User_LDAP\LDAP->invokeLDAPMethod("*** sensitive parameters replaced ***")
 3. /config/www/nextcloud/apps/user_ldap/lib/Connection.php line 685
    OCA\User_LDAP\LDAP->bind("*** sensitive parameters replaced ***")
 4. /config/www/nextcloud/apps/user_ldap/lib/Connection.php line 603
    OCA\User_LDAP\Connection->bind("*** sensitive parameters replaced ***")
 5. /config/www/nextcloud/apps/user_ldap/lib/Connection.php line 228
    OCA\User_LDAP\Connection->establishConnection()
 6. /config/www/nextcloud/apps/user_ldap/lib/Connection.php line 236
    OCA\User_LDAP\Connection->init()
 7. /config/www/nextcloud/apps/user_ldap/lib/Access.php line 1217
    OCA\User_LDAP\Connection->getConnectionResource()
 8. /config/www/nextcloud/apps/user_ldap/lib/Access.php line 985
    OCA\User_LDAP\Access->count()
 9. /config/www/nextcloud/apps/user_ldap/lib/User_LDAP.php line 596
    OCA\User_LDAP\Access->countUsers()
10. /config/www/nextcloud/apps/user_ldap/lib/User_Proxy.php line 349
    OCA\User_LDAP\User_LDAP->countUsers()
11. /config/www/nextcloud/apps/support/lib/Service/SubscriptionService.php line 128
    OCA\User_LDAP\User_Proxy->countUsers()
12. /config/www/nextcloud/apps/support/lib/Service/SubscriptionService.php line 274
    OCA\Support\Service\SubscriptionService->getUserCount()
13. /config/www/nextcloud/apps/support/lib/Subscription/SubscriptionAdapter.php line 52
    OCA\Support\Service\SubscriptionService->getSubscriptionInfo()
14. /config/www/nextcloud/lib/private/Support/Subscription/Registry.php line 137
    OCA\Support\Subscription\SubscriptionAdapter->hasValidSubscription()
15. /config/www/nextcloud/apps/settings/lib/Settings/Personal/ServerDevNotice.php line 103
    OC\Support\Subscription\Registry->delegateHasValidSubscription()
16. /config/www/nextcloud/lib/private/Settings/Manager.php line 214
    OCA\Settings\Settings\Personal\ServerDevNotice->getSection()
17. /config/www/nextcloud/lib/private/Settings/Manager.php line 328
    OC\Settings\Manager->getSettings()
18. /config/www/nextcloud/lib/private/Settings/Manager.php line 289
    OC\Settings\Manager->getPersonalSettings()
19. /config/www/nextcloud/apps/settings/lib/Controller/CommonSettingsTrait.php line 107
    OC\Settings\Manager->getPersonalSections()
20. /config/www/nextcloud/apps/settings/lib/Controller/CommonSettingsTrait.php line 62
    OCA\Settings\Controller\AdminSettingsController->formatPersonalSections()
21. /config/www/nextcloud/apps/settings/lib/Controller/CommonSettingsTrait.php line 139
    OCA\Settings\Controller\AdminSettingsController->getNavigationParameters()
22. /config/www/nextcloud/apps/settings/lib/Controller/AdminSettingsController.php line 68
    OCA\Settings\Controller\AdminSettingsController->getIndexResponse()
23. /config/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 225
    OCA\Settings\Controller\AdminSettingsController->index()
24. /config/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 133
    OC\AppFramework\Http\Dispatcher->executeController()
25. /config/www/nextcloud/lib/private/AppFramework/App.php line 172
    OC\AppFramework\Http\Dispatcher->dispatch()
26. /config/www/nextcloud/lib/private/Route/Router.php line 298
    OC\AppFramework\App::main()
27. /config/www/nextcloud/lib/base.php line 1030
    OC\Route\Router->match()
28. /config/www/nextcloud/index.php line 36
    OC::handleRequest()

GET /settings/admin/ldap
from 10.10.10.195 by ncadmin at 2022-10-16T21:28:54+00:00

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'redis' =>
  array (
    'host' => 'nextcloud-redis',
    'port' => 6379,
    'timeout' => 0.0,
  ),
  'datadirectory' => '/data',
  'instanceid' => '*** sensitive parameters replaced ***',
  'passwordsalt' => '*** sensitive parameters replaced ***',
  'secret' => '*** sensitive parameters replaced ***',
  'trusted_domains' =>
  array (
    0 => '*** sensitive parameters replaced ***',
  ),
  'trusted_proxies' => ['10.10.10.195'],
  'dbtype' => 'mysql',
  'version' => '24.0.6.1',
  'overwrite.cli.url' => '*** sensitive parameters replaced ***',
  'overwritehost' => '*** sensitive parameters replaced ***',
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => 'nextcloud-db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => '*** sensitive parameters replaced ***',
  'installed' => true,
  'mail_from_address' => 'no-reply',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => '*** sensitive parameters replaced ***',
  'mail_smtpsecure' => 'tls',
  'mail_smtpauth' => 1,
  'mail_smtphost' => '*** sensitive parameters replaced ***',
  'mail_smtpport' => '587',
  'mail_smtpname' => '*** sensitive parameters replaced ***',
  'mail_smtppassword' => '*** sensitive parameters replaced ***',
  'default_phone_region' => 'de',
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'default_language' => 'de',
  'default_locale' => 'de_DE',
  'defaultapp' => 'files',
  'skeletondirectory' => '',
  'updater.release.channel' => 'stable',
);

The output of your Apache/nginx/system log in /var/log/____:

no errors

The LDAP config looks perfectly fine to me and works from another container on the same host without issues:

+-------------------------------+-----------------------------------------------------------------------------------+
| Configuration                 | s01                                                                               |
+-------------------------------+-----------------------------------------------------------------------------------+
| hasMemberOfFilterSupport      | 1                                                                                 |
| homeFolderNamingRule          |                                                                                   |
| lastJpegPhotoLookup           | 0                                                                                 |
| ldapAgentName                 | CN=svc.nextcloud,CN=Users,DC=ad,DC=*** sensitive parameters replaced ***,DC=de                                      |
| ldapAgentPassword             | ***                                                                               |
| ldapAttributesForGroupSearch  |                                                                                   |
| ldapAttributesForUserSearch   |                                                                                   |
| ldapBackupHost                |                                                                                   |
| ldapBackupPort                |                                                                                   |
| ldapBase                      | dc=ad,dc=*** sensitive parameters replaced ***,dc=de                              |
| ldapBaseGroups                | cn=users,dc=ad,dc=*** sensitive parameters replaced ***,dc=de                     |
| ldapBaseUsers                 | cn=users,dc=ad,dc=*** sensitive parameters replaced ***,dc=de                     |
| ldapCacheTTL                  | 600                                                                               |
| ldapConfigurationActive       | 0                                                                                 |
| ldapDefaultPPolicyDN          |                                                                                   |
| ldapDynamicGroupMemberURL     |                                                                                   |
| ldapEmailAttribute            | mail                                                                              |
| ldapExperiencedAdmin          | 0                                                                                 |
| ldapExpertUUIDGroupAttr       |                                                                                   |
| ldapExpertUUIDUserAttr        |                                                                                   |
| ldapExpertUsernameAttr        |                                                                                   |
| ldapExtStorageHomeAttribute   |                                                                                   |
| ldapGidNumber                 | gidNumber                                                                         |
| ldapGroupDisplayName          | cn                                                                                |
| ldapGroupFilter               | (&(objectClass=Group)(cn=grp.*))                                                  |
| ldapGroupFilterGroups         |                                                                                   |
| ldapGroupFilterMode           | 1                                                                                 |
| ldapGroupFilterObjectclass    |                                                                                   |
| ldapGroupMemberAssocAttr      | member                                                                            |
| ldapHost                      | ldaps://192.168.10.4                                                              |
| ldapIgnoreNamingRules         |                                                                                   |
| ldapLoginFilter               | (&(objectClass=person)(memberOf=cn=grp.*)(|(mailPrimaryAddress=%uid)(mail=%uid))) |
| ldapLoginFilterAttributes     |                                                                                   |
| ldapLoginFilterEmail          | 1                                                                                 |
| ldapLoginFilterMode           | 1                                                                                 |
| ldapLoginFilterUsername       | 0                                                                                 |
| ldapMatchingRuleInChainState  | unknown                                                                           |
| ldapNestedGroups              | 0                                                                                 |
| ldapOverrideMainServer        |                                                                                   |
| ldapPagingSize                | 500                                                                               |
| ldapPort                      | 636                                                                               |
| ldapQuotaAttribute            |                                                                                   |
| ldapQuotaDefault              |                                                                                   |
| ldapTLS                       | 0                                                                                 |
| ldapUserAvatarRule            | default                                                                           |
| ldapUserDisplayName           | displayname                                                                       |
| ldapUserDisplayName2          |                                                                                   |
| ldapUserFilter                | (&(objectClass=person)(memberOf=grp.*))                                           |
| ldapUserFilterGroups          |                                                                                   |
| ldapUserFilterMode            | 1                                                                                 |
| ldapUserFilterObjectclass     | person                                                                            |
| ldapUuidGroupAttribute        | auto                                                                              |
| ldapUuidUserAttribute         | auto                                                                              |
| turnOffCertCheck              | 0                                                                                 |
| turnOnPasswordChange          | 0                                                                                 |
| useMemberOfToDetectMembership | 1                                                                                 |
+-------------------------------+-----------------------------------------------------------------------------------+

Any help, hints, ideas are much appreciated.

Are you sure you have only one LDAP config saved?

Does occ ldap:show-config only show one config?

Yes, only one. Above is the full output of the command.

It seems that the wizard is a mess. If set up via the occ command, it seems to work fine…
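
Added example, not part of the thread and not Nextcloud code: a Python check that parses the table printed by `occ ldap:show-config` (the layout posted above) and flags connection and transport settings worth reviewing once a configuration has been written, whether by the wizard or by occ. The names `parse_show_config` and `audit` and the sample values are constructed for illustration.

```python
import re

# Constructed sample in the layout `occ ldap:show-config` prints (values are made up).
SAMPLE = """\
+-------------------------+----------------------+
| Configuration           | s01                  |
+-------------------------+----------------------+
| ldapConfigurationActive | 0                    |
| ldapHost                | ldaps://192.0.2.10   |
| ldapPort                |                      |
| ldapTLS                 | 0                    |
| turnOffCertCheck        | 1                    |
+-------------------------+----------------------+
"""

def parse_show_config(text):
    """Turn the ASCII table into {key: value}; border rows are skipped."""
    cfg = {}
    for line in text.splitlines():
        # Greedy value group: LDAP filters contain '|', only the last one closes the cell.
        m = re.match(r"^\|\s*(\S+)\s*\|(.*)\|\s*$", line)
        if m:
            cfg[m.group(1)] = m.group(2).strip()
    return cfg

def audit(cfg):
    """Return findings about the connection and transport settings."""
    findings = []
    host = cfg.get("ldapHost", "")
    port = cfg.get("ldapPort", "")
    scheme = host.split("://", 1)[0].lower() if "://" in host else "ldap"
    if not port.isdigit():
        findings.append("ldapPort is empty or not numeric")
    elif scheme == "ldaps" and port == "389":
        findings.append("ldaps:// host combined with plain-LDAP port 389")
    elif scheme == "ldap" and port == "636":
        findings.append("port 636 used without an ldaps:// host")
    if scheme == "ldap" and cfg.get("ldapTLS") != "1":
        findings.append("neither LDAPS nor StartTLS: bind password sent in cleartext")
    if scheme == "ldaps" and cfg.get("ldapTLS") == "1":
        findings.append("StartTLS (ldapTLS=1) enabled on top of ldaps://")
    if cfg.get("turnOffCertCheck") == "1":
        findings.append("turnOffCertCheck=1: server certificate is not validated")
    if cfg.get("ldapConfigurationActive") != "1":
        findings.append("ldapConfigurationActive is not 1")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_show_config(SAMPLE)):
        print("-", finding)
```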